Architecture of a single sign on (SSO) for Internet banking

One of the key aspects of cryptography and network/Internet security is authentication. Authentication is all about establishing the identity of one or both parties in a conversation or session. There are many ways to authenticate a user like password-based, forms-based, token-based, certificate-based, smart cards, biometrics and Kerberos. Kerberos helps in achieving single sign on (SSO). SSO is a method of access control that enables a user to authenticate once and gain access to the resources of multiple software systems. This paper deals with the case study for a banking application that is providing all the services to its customers via the Internet. But the requirement is user should be able to log on to the bank's site using a single user-id and password. Once user logs in to one of the application, all other applications should automatically detect that the user has already authenticated itself to the application & simply reuse the credentials of that authentication. This requirement calls for the solution of single sign on (SSO). This paper discusses a SSO solution that provides a single authentication interface to all the end-users.